<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<!--#include file="../inc/conn.asp"-->
<!--#include file="../inc/md5.asp"-->
<!--#include file="../common/admin.asp"-->
<%
id=request.QueryString("editid")
if id<>"" then
	set rs=server.CreateObject("adodb.recordset")
	sql="select * from admin where id="&id&""
	rs.open sql,conn,1,3
	if not rs.eof then
	     name=rs("name")
		 menu=rs("menu")
		 content=rs("content")
		 typevalue=rs("type")
	rs.close
	set rs=nothing
	end if
end if
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>add</title>
<link href="../css/style.css" rel="stylesheet" type="text/css"/>
</head>

<body>
<div class="main">
  <div class="main-title">管理员</div>
  <div class="main-content">
  <%if id<>"" then%>
  <table width="100%" border="0" cellspacing="1" cellpadding="3" class="tab">
  <form action="" method="post">
  <tr>
    <td width="29%" bgcolor="#FFFFFF">用户名 </td>
    <td width="71%" bgcolor="#FFFFFF"><input name="name" type="text" class="input" id="name" value="<%=name%>" maxlength="16" readonly="readonly" /></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">备注</td>
    <td bgcolor="#FFFFFF"><textarea name="content" cols="40" rows="4" class="content-input" id="content"><%=content%></textarea></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">权限 </td>
    <td bgcolor="#FFFFFF">
			<%
			ii=0
			sub menulist(selec)
			set rsm=conn.execute("select * from menu where fid="&selec&" and mark=1 order by sort")
			do while not rsm.eof
			if selec=0 then
            %>
     <input name="menu" type="checkbox" id="menu" value="<%=rsm("id")%>"<%
	 if menu<>"" then
		   menuvalue=split(menu,",")
		   for i=0 to ubound(menuvalue)
		   if REPLACE(menuvalue(i)," ","") = REPLACE(rsm("id")," ","") then response.write " checked"
		   next
	 end if
	 'if typevalue=1 then response.Write " disabled"
     %>><strong><%=rsm("title")%>: </strong><br />
    <%
	else
	%>
     <%=string(ii*2,"　")%><input name="menu" type="checkbox" id="menu" value="<%=rsm("id")%>"<%
	 if menu<>"" then
		   menuvalue=split(menu,",")
		   for i=0 to ubound(menuvalue)
		   if REPLACE(menuvalue(i)," ","") = REPLACE(rsm("id")," ","") then response.write " checked"
		   next
	 end if
	 'if typevalue=1 then response.Write " disabled"
     %>><%=rsm("title")%> <br />
      
    <%
	end if
	ii=ii+1
	   menulist(rsm("id"))
	ii=ii-1
	rsm.movenext
	loop
	set rsm=nothing
	end sub
	menulist(0)		
	%>
    
    </td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF"><input type="submit" name="button" id="button" value="保存" /></td>
    </tr>
    </form>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  </table>
  <%else%>
  <table width="100%" border="0" cellspacing="1" cellpadding="3" class="tab">
  <form action="" method="post">
  <tr>
    <td width="29%" bgcolor="#FFFFFF">用户名 </td>
    <td width="71%" bgcolor="#FFFFFF"><input name="name" type="text" class="input" id="name" maxlength="16" /></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">密码 </td>
    <td bgcolor="#FFFFFF"><input name="password" type="password" class="input" id="password" maxlength="16" /></td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">确认密码</td>
    <td bgcolor="#FFFFFF"><input name="password2" type="password" class="input" id="password2" maxlength="16" /></td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">备注</td>
    <td bgcolor="#FFFFFF"><textarea name="content" cols="40" rows="4" class="content-input" id="content"></textarea></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">权限 </td>
    <td bgcolor="#FFFFFF">
		  <%
          ii=0
		  sub menulistx(selecx)
		  set rsmx=conn.execute("select * from menu where fid="&selecx&" and mark=1 order by sort")
		  do while not rsmx.eof
		  if selecx=0 then
          %>
     <input name="menu" type="checkbox" id="menu" value="<%=rsmx("id")%>" ><strong><%=rsmx("title")%>: </strong> <br />
      <%
	  else
	  %>
     <%=string(ii*2,"　")%><input name="menu" type="checkbox" id="menu" value="<%=rsmx("id")%>" ><%=rsmx("title")%> <br />
    <%
	end if
	ii=ii+1
	   menulistx(rsmx("id"))
	ii=ii-1
	rsmx.movenext
	loop
	set rsmx=nothing
	end sub
	menulistx(0)		
	%>
    
    </td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF"><input type="submit" name="button" id="button" value="添加" /></td>
    </tr>
    </form>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  <tr>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    <td bgcolor="#FFFFFF">&nbsp;</td>
    </tr>
  </table>
  <%end if%>
</div>
</div>
</body>
</html>
<%if request.Form("button")="添加" then

	  name=checkstr(inHTML(request.Form("name")))
	  password=checkstr(inHTML(request.Form("password")))
	  password2=checkstr(inHTML(request.Form("password2")))
	  menu=request.Form("menu")
	  content=request.Form("content")

	  if name="" or password="" or menu="" then
	  response.write"<script>alert('用户名，密码，权限全部不能为空');</script>"
	  response.write"<script>window.history.back(-1);</script>"
	  response.end
	  end if

	  if password<>password2 then
	  response.write"<script>alert('两次输入密码不一致，请重新输入');</script>"
	  response.write"<script>window.history.back(-1);</script>"
	  response.end
	  end if

	  set rsx=server.createobject("adodb.recordset")
	  sql="select * from admin where name='"&name&"'"
	  rsx.open sql,conn,1,3
	  if not rsx.eof then
	  response.write"<script>alert('用户已存在，请重新输入');</script>"
	  response.write"<script>window.history.back(-1);</script>"
	  response.end 
	  else
	  rsx.addnew
	  rsx("name")=name
	  rsx("password")=md5(name&password&name)
	  rsx("menu")=menu
	  rsx("content")=content
	  rsx.update
	  response.write"<script language=JavaScript>{window.alert('添加成功！');window.location.href='view.asp';}</script>"
	  rsx.close
	  set rsx=nothing
	  end if

elseif request.Form("button")="保存" then

	  name=request.Form("name")
	  menu=request.Form("menu")
	  content=request.Form("content")

	  if name="" or menu="" then
	  response.write"<script>alert('用户名，权限全部不能为空');</script>"
	  response.write"<script>window.history.back(-1);</script>"
	  response.end
	  end if

	  set rsx=server.createobject("adodb.recordset")
	  sql="select * from admin where name='"&name&"'"
	  rsx.open sql,conn,1,3
	  rsx("menu")=menu
	  rsx("content")=content
	  rsx.update
	  response.write"<script language=JavaScript>{window.alert('保存成功！');window.location.href='add.asp?editid="&id&"';}</script>"
	  rsx.close
	  set rsx=nothing
end if
%>